Docs: hashdrop.dev | Code: Github
I have built this CLI tool Hashdrop in Go. Most cloud storage tools encrypt your files on the server - which means the server can read them. Hashdrop encrypts files on your machine before they ever leave it. The server only ever sees encrypted blobs, never your actual data.
Each file gets its own unique Data Encryption Key (DEK), encrypted with AES-GCM. Only the encrypted blob is uploaded to the server.
The default upload mode is called vault-mode, where the DEK for each file is managed automatically in a local encrypted vault (~/.hashdrop/vault.enc). So you get strong encryption without having to manage your own keys. For users who prefer full control, there's a separate passphrase mode where you manage the keys yourself.
Sharing is simple - anyone you share the link and key with can download and decrypt the file on their end.
To read more about the security model and how it all works, check the docs.
Try it out and let me know how it goes!
Any feedback is welcome...
Top comments (0)